package com.tansty.security.config.security;

import com.tansty.security.handler.CustomizeAuthenticationEntryPoint;
import com.tansty.security.handler.CustomizeAuthenticationFailureHandler;
import com.tansty.security.handler.CustomizeAuthenticationSuccessHandler;
import com.tansty.security.handler.CustomizeLogoutSuccessHandler;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.builders.WebSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;

/**
 * description: Security配置 <br>
 * date: 2021/7/31 18:15 <br>
 * author: ztz <br>
 * version: 1.0 <br>
 */
@Configuration
@EnableWebSecurity
//开启方法权限注解支持
@EnableGlobalMethodSecurity(prePostEnabled = true, securedEnabled = true, jsr250Enabled = true)
public class SecurityConfig extends WebSecurityConfigurerAdapter {
    @Autowired
    UserDetailsServiceImpl userDetailsService;
    /**
     * @Description 认证
     * @author Tansty
     * @date 2021/8/3 14:14
     * @param auth
     */
    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
       auth.userDetailsService(userDetailsService).passwordEncoder(new MyPasswordEncoder());
    }
    /**
     * @Description 配置静态资源的过滤
     * @author Tansty
     * @date 2021/8/3 14:14
     * @param web
     */
    @Override
    public void configure(WebSecurity web) throws Exception {
        // 配置静态文件不需要认证
        web.ignoring().antMatchers(
                "/swagger-ui.html",
                // swagger api json
                "/v2/api-docs",
                // 用来获取支持的动作
                "/swagger-resources/configuration/ui",
                // 用来获取api-docs的URI
                "/swagger-resources",
                // 安全选项
                "/swagger-resources/configuration/security",
                "/swagger-resources/**",
                "/webjars/**",
                "/druid/**"
        );
    }

    /**
     * @Description 授权
     * @author Tansty
     * @date 2021/8/3 14:14
     * @param http
     */
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.authorizeRequests()
                .anyRequest().authenticated().
                // 异常处理(权限拒绝、登录失效等)
                and().exceptionHandling().
                // 匿名用户访问无权限资源时的异常处理
                authenticationEntryPoint(new CustomizeAuthenticationEntryPoint()).and()
                .csrf().disable();
        http.formLogin()
                .permitAll()
                // 登录成功
                .successHandler(new CustomizeAuthenticationSuccessHandler())
                // 登录失败
                .failureHandler(new CustomizeAuthenticationFailureHandler())
                .and().logout().permitAll()
                // 登出
                .logoutSuccessHandler(new CustomizeLogoutSuccessHandler())
                .deleteCookies("JSESSIONID");
    }

}
